ranslation) The technology that maintains the privacy of the addresses of the computers in a home or business network when accessing the Internet. It converts the private addresses that are assigned to the internal computers to one or more public addresses that are visible on the Internet (see private IP address
). NAT is an IETF standard that is implemented in a router or firewall as well as in any user's machine that is configured to share its Internet connection (see ICS
NAT assigns a number to the packet headers of the messages going out to the Internet and keeps track of them via an internal table that it creates. When responses come back from the Internet, NAT uses the table to perform the reverse conversion to the private IP address of the requesting client machine (see illustration below).
A First-Level Firewall
NAT enhances security by keeping internal addresses hidden from the outside world. It prevents several kinds of first-level attacks, but not all, and must be used in conjunction with the firewall built into the router or the personal firewall in each user's machine. Enterprises generally use very robust firewall architectures for security (see firewall
). See dynamic NAT
NAT Port Address Translation (PAT)
This common NAT method assigns a different TCP port number to each client session with a server on the Internet. When responses come back, the source port becomes the destination port and determines which user to route the packets to. It also validates that the incoming packets were requested. See TCP/IP port